Vulnerability in Mitsubishi Electric Corporation Analytix
CVE-2025-0921
Execution with Unnecessary Privileges vulnerability in multiple services of Mitsubishi Electric GENESIS64 versions 10.97.3 and prior, Mitsubishi Electric ICONICS Suite versions 10.97.3 and prior, Mitsubishi Electric MobileHMI versions 10.9…
EPSS: 0.002 (7.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N.
Affected products
- Mitsubishi Electric Corporation Analytix — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Bizviz — versions all versions
- Mitsubishi Electric Corporation Genesis — versions version 11.00
- Mitsubishi Electric Corporation Genesis32 — versions all versions
- Mitsubishi Electric Corporation Genesis64 — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Hyper Historian — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Iconics Suite — versions versions 10.97.3 and prior
- Mitsubishi Electric Corporation Iotworx — versions version 10.95
- Mitsubishi Electric Corporation Mc Works64 — versions all versions
- Mitsubishi Electric Corporation Mobilehmi — versions versions 10.97.3 and prior
Weakness classification (CWE)
References
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp (vendor-advisory)
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp (government-resource)
- Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp (government-resource)
Frequently asked questions
- What is CVE-2025-0921?
- CVE-2025-0921 is a medium-severity vulnerability in Mitsubishi Electric Corporation Analytix, classified under CWE-250. CVSS score: 6.5/10. Published 2025-05-15.
- How severe is CVE-2025-0921?
- Medium severity. CVSS v3 base score is 6.5 out of 10.